<?php
include_once('../../conn.php');

if(isset($_GET[notify_url])){
//从PayPal 出读取POST 信息同时添加变量'cmd'
$req = 'cmd=_notify-validate';
foreach ($_POST as $key => $value) {
$value = urlencode(stripslashes($value));
$req .= "&$key=$value";
}
//建议在此将接受到的信息记录到日志文件中以确认是否收到IPN 信息
//将信息POST 回给PayPal 进行验证
$header .= "POST /cgi-bin/webscr HTTP/1.0\r\n";
$header .= "Content-Type:application/x-www-form-urlencoded\r\n";
$header .= "Content-Length:" . strlen($req) ."\r\n\r\n";
//在Sandbox 情况下，设置：
//$fp = fsockopen('www.sandbox.paypal.com',80,$errno,$errstr,30);
$fp = fsockopen ('www.paypal.com', 80, $errno, $errstr, 30);
//将POST 变量记录在本地变量中
//该付款明细所有变量可参考：
//https://www.paypal.com/IntegrationCenter/ic_ipn-pdt-variable-reference.html
$item_name = $_POST['item_name'];
$payer_id =$_POST['payer_id'];
$custom = $_POST['custom'];
$item_number = $_POST['item_number'];
$payment_status = $_POST['payment_status'];
$payment_amount = $_POST['mc_gross'];
$payment_currency = $_POST['mc_currency'];
$mc_fee =$_POST['mc_fee'];
$txn_id = $_POST['txn_id'];
$receiver_email = $_POST['receiver_email'];
$payer_email = $_POST['payer_email'];

$address_city = $_POST['address_city'];
$address_country = $_POST['address_country'];
$address_country_code = $_POST['address_country_code'];
$address_name = $_POST['address_name'];
$address_state = $_POST['address_state'];
$address_street = $_POST['address_street'];
$address_zip = $_POST['address_zip'];
$first_name = $_POST['first_name'];
$last_name = $_POST['last_name'];
$payer_business_name = $_POST['payer_business_name'];
$payer_status = $_POST['payer_status'];
$residence_country = $_POST['residence_country'];
//…
//判断回复POST 是否创建成功
if (!$fp) {
//HTTP 错误
}else {
//将回复POST 信息写入SOCKET 端口
fputs ($fp, $header .$req);
//开始接受PayPal 对回复POST 信息的认证信息
while (!feof($fp)) {
$res = fgets ($fp, 1024);
//已经通过认证
if (strcmp ($res, "VERIFIED") == 0) {
	
	 
if($payment_status=='Completed'){
	$db->UPDATE("UPDATE `".tablepre."paypal` SET `item_name`='$item_name',`payer_id`='$payer_id',`payment_status`='$payment_status',`payment_amount`='$payment_amount',`payment_currency`='$payment_currency',`mc_fee`='$mc_fee',`txn_id`='$txn_id',`receiver_email`='$receiver_email',`payer_email`='$payer_email',`custom`='$custom'
	,`address_city`='$address_city',`address_country`='$address_country',`address_country_code`='$address_country_code',`address_name`='$address_name',`address_state`='$address_state',`address_street`='$address_street',`address_zip`='$address_zip',`first_name`='$first_name',`last_name`='$last_name',`payer_business_name`='$payer_business_name',`payer_status`='$payer_status',`residence_country`='$residence_country',`paidtime`='".datetime."'
	 WHERE (`pid`='".$item_number."')");
	 $totalamount = $payment_amount - $mc_fee;
	 $db->UPDATE("UPDATE `".tablepre."user` SET advance = concat(advance + ".$totalamount.")
	 WHERE (`uid`='".$custom."')");
	 
	}else{
		$db->UPDATE("UPDATE `".tablepre."paypal` SET `payment_status`='$payment_status'
	 WHERE (`pid`='".$item_number."')");
		}
	/*
	$fwritetext= fopen('paypal2.txt', "a+");
	
	
	fwrite($fwritetext, 'item_name='.$item_name.'|item_number='.$item_number.'|payment_status='.$payment_status.'|payment_amount='.$payment_amount.'|payer_id='.$payer_id.'|payment_currency='.$payment_currency);
	*/
//检查付款状态
//检查txn_id 是否已经处理过
//检查receiver_email 是否是您的PayPal 账户中的EMAIL 地址
//检查付款金额和货币单位是否正确
//处理这次付款，包括写数据库
}else if (strcmp ($res, "INVALID") == 0) {
//未通过认证，有可能是编码错误或非法的POST 信息
}
}
fclose ($fp);
}
}
if(isset($_GET['return'])){
	include_once('../../include/func.php');
	echo "<script>alert('Completed'); location='".parameters(7)."/user_profile.php';</script>";
	exit;
}
if(isset($_GET['cancel_return'])){
	include_once('../../include/func.php');
	echo "<script>alert('cancel'); location='".parameters(7)."/user_payment.php';</script>";
	exit;
}
?>

